package com.nbcio.cd.utils;

import com.nbcio.cd.service.ICdPermissionService;
import com.nbcio.common.satoken.utils.LoginHelper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.Arrays;
import java.util.List;

/**
 * 云网盘权限验证工具类
 *
 * @author nbacheng
 * @date 2024-01-01
 */
@Component
public class CdPermissionUtils {

    @Autowired
    private ICdPermissionService permissionService;

    /**
     * 权限类型常量
     */
    public static final String PERMISSION_READ = "read";
    public static final String PERMISSION_WRITE = "write";
    public static final String PERMISSION_DELETE = "delete";
    public static final String PERMISSION_SHARE = "share";
    public static final String PERMISSION_MANAGE = "manage";

    /**
     * 资源类型常量
     */
    public static final String RESOURCE_TYPE_FILE = "file";
    public static final String RESOURCE_TYPE_FOLDER = "folder";

    /**
     * 检查当前用户对文件的权限
     *
     * @param fileId 文件ID
     * @param permissionType 权限类型
     * @return 是否有权限
     */
    public boolean checkFilePermission(Long fileId, String permissionType) {
        Long userId = LoginHelper.getUserId();
        return permissionService.checkUserPermission(userId, RESOURCE_TYPE_FILE, fileId, permissionType);
    }

    /**
     * 检查当前用户对文件夹的权限
     *
     * @param folderId 文件夹ID
     * @param permissionType 权限类型
     * @return 是否有权限
     */
    public boolean checkFolderPermission(Long folderId, String permissionType) {
        Long userId = LoginHelper.getUserId();
        return permissionService.checkUserPermission(userId, RESOURCE_TYPE_FOLDER, folderId, permissionType);
    }

    /**
     * 检查当前用户对文件的读取权限
     *
     * @param fileId 文件ID
     * @return 是否有读取权限
     */
    public boolean checkFileReadPermission(Long fileId) {
        return checkFilePermission(fileId, PERMISSION_READ);
    }

    /**
     * 检查当前用户对文件的写入权限
     *
     * @param fileId 文件ID
     * @return 是否有写入权限
     */
    public boolean checkFileWritePermission(Long fileId) {
        return checkFilePermission(fileId, PERMISSION_WRITE);
    }

    /**
     * 检查当前用户对文件的删除权限
     *
     * @param fileId 文件ID
     * @return 是否有删除权限
     */
    public boolean checkFileDeletePermission(Long fileId) {
        return checkFilePermission(fileId, PERMISSION_DELETE);
    }

    /**
     * 检查当前用户对文件的分享权限
     *
     * @param fileId 文件ID
     * @return 是否有分享权限
     */
    public boolean checkFileSharePermission(Long fileId) {
        return checkFilePermission(fileId, PERMISSION_SHARE);
    }

    /**
     * 检查当前用户对文件夹的读取权限
     *
     * @param folderId 文件夹ID
     * @return 是否有读取权限
     */
    public boolean checkFolderReadPermission(Long folderId) {
        return checkFolderPermission(folderId, PERMISSION_READ);
    }

    /**
     * 检查当前用户对文件夹的写入权限
     *
     * @param folderId 文件夹ID
     * @return 是否有写入权限
     */
    public boolean checkFolderWritePermission(Long folderId) {
        return checkFolderPermission(folderId, PERMISSION_WRITE);
    }

    /**
     * 检查当前用户对文件夹的删除权限
     *
     * @param folderId 文件夹ID
     * @return 是否有删除权限
     */
    public boolean checkFolderDeletePermission(Long folderId) {
        return checkFolderPermission(folderId, PERMISSION_DELETE);
    }

    /**
     * 检查当前用户对文件夹的分享权限
     *
     * @param folderId 文件夹ID
     * @return 是否有分享权限
     */
    public boolean checkFolderSharePermission(Long folderId) {
        return checkFolderPermission(folderId, PERMISSION_SHARE);
    }

    /**
     * 获取当前用户对文件的所有权限
     *
     * @param fileId 文件ID
     * @return 权限列表
     */
    public List<String> getFilePermissions(Long fileId) {
        Long userId = LoginHelper.getUserId();
        return permissionService.getUserPermissions(userId, RESOURCE_TYPE_FILE, fileId);
    }

    /**
     * 获取当前用户对文件夹的所有权限
     *
     * @param folderId 文件夹ID
     * @return 权限列表
     */
    public List<String> getFolderPermissions(Long folderId) {
        Long userId = LoginHelper.getUserId();
        return permissionService.getUserPermissions(userId, RESOURCE_TYPE_FOLDER, folderId);
    }

    /**
     * 检查用户是否为资源所有者
     *
     * @param resourceOwnerId 资源所有者ID
     * @return 是否为所有者
     */
    public boolean isResourceOwner(Long resourceOwnerId) {
        Long currentUserId = LoginHelper.getUserId();
        return currentUserId != null && currentUserId.equals(resourceOwnerId);
    }

    /**
     * 检查用户是否有管理权限（所有者或管理员）
     *
     * @param resourceOwnerId 资源所有者ID
     * @return 是否有管理权限
     */
    public boolean hasManagePermission(Long resourceOwnerId) {
        // 检查是否为所有者
        if (isResourceOwner(resourceOwnerId)) {
            return true;
        }
        
        // TODO: 检查是否为管理员角色
        // 这里可以根据实际需求添加管理员角色检查逻辑
        
        return false;
    }

    /**
     * 验证权限并抛出异常
     *
     * @param hasPermission 是否有权限
     * @param message 异常消息
     */
    public void validatePermission(boolean hasPermission, String message) {
        if (!hasPermission) {
            throw new RuntimeException("权限不足: " + message);
        }
    }

    /**
     * 验证文件权限并抛出异常
     *
     * @param fileId 文件ID
     * @param permissionType 权限类型
     * @param message 异常消息
     */
    public void validateFilePermission(Long fileId, String permissionType, String message) {
        boolean hasPermission = checkFilePermission(fileId, permissionType);
        validatePermission(hasPermission, message);
    }

    /**
     * 验证文件夹权限并抛出异常
     *
     * @param folderId 文件夹ID
     * @param permissionType 权限类型
     * @param message 异常消息
     */
    public void validateFolderPermission(Long folderId, String permissionType, String message) {
        boolean hasPermission = checkFolderPermission(folderId, permissionType);
        validatePermission(hasPermission, message);
    }

    /**
     * 批量检查权限
     *
     * @param resourceType 资源类型
     * @param resourceIds 资源ID列表
     * @param permissionType 权限类型
     * @return 有权限的资源ID列表
     */
    public List<Long> filterByPermission(String resourceType, List<Long> resourceIds, String permissionType) {
        Long userId = LoginHelper.getUserId();
        return resourceIds.stream()
                .filter(resourceId -> permissionService.checkUserPermission(userId, resourceType, resourceId, permissionType))
                .collect(java.util.stream.Collectors.toList());
    }

    /**
     * 获取所有权限类型
     *
     * @return 权限类型列表
     */
    public List<String> getAllPermissionTypes() {
        return Arrays.asList(
                PERMISSION_READ,
                PERMISSION_WRITE,
                PERMISSION_DELETE,
                PERMISSION_SHARE,
                PERMISSION_MANAGE
        );
    }

    /**
     * 检查权限类型是否有效
     *
     * @param permissionType 权限类型
     * @return 是否有效
     */
    public boolean isValidPermissionType(String permissionType) {
        return getAllPermissionTypes().contains(permissionType);
    }
}
